In Symantec Encryption Management Server, in Consumer Policy, there is an option "Override default Keyring locations". This option is available to override the default locations for the keyrings, which is in the users Documents folder. This location can be changed, which means the user's keyrings are created and backed up to the locations that are specified in the Consumer Policy. This option, however, takes effect only during enrollment for the user.
As this option is specified only during enrollment, if a user is already enrolled, the existing keyring locations will be enforced, and will not automatically change the keyring locations for the user. This behavior is by design.
Because this option is specified only during enrollment, if it is required to have a different keyring location to be used, backup the user's keyrings in the current location (most typically the Documents folder in the user's profile), and then move them to the other location. If the user has permissions to change options, open Symantec Encryption Desktop, and right-click on Keys, go to Properties, and browse to the new keyring location.
Alternatively, if a user is re-enrolled, the new keyring location should then take effect. Depending on the keymode, it may be necessary to move the existing keyrings over to the new location.
Subscribing will provide email updates when this Article is updated. Login is required.